Method and apparatus for verification of classes of documents.



Method and apparatus for verification of documents belonging to
selected groups of classes of such documents. The documents are
verified to assure that information contained in the documents is
authenticated and unchanged. In one embodiment of the subject
invention the documents may be identification cards including both
text (T) and an image (I) of the bearer. Each document also includes
encrypted information Ei[M] derived from the document, an encrypted
decryption key CEj[Di] for decrypting the encrypted information, and
information identifying the document as a member of the jth class Cj
of a group of classes of documents. Verifying apparatus validates the
document by scanning information from the document, decrypting the
encrypted decryption key and using the decryption key so obtained to
decrypt the encrypted information and comparing the recovered
encrypted information with information derived from the document
directly. The verifying apparatus is responsive to enabling
information from a data center (40) to enable the verifying apparatus
to decrypt the encrypted decryption key for any document in a
selected group of classes.

The present invention generally relates to a reliable document
verification system and, in particular, relates to a reliable
document verification system using a public key cryptosystem.

Throughout history one of the tasks undertaken by many people and
organizations has been proving the authenticity of the information
content of documents. The importance of actually proving the
authenticity of a document can range from merely identifying a
signature to verifying military and/or political intelligence.
Further, as often as one tries to demonstrate the authenticity of a
document, there is usually at least one party that attempts to forge
a document. Hence, there has been, and probably will continue to be,
an ongoing struggle to be able to reliably verify documents.

Over the years technological advances have brought new meaning to the
word "document". Today, a document may be, for example, an
electronically generated receipt from a banking machine or a
digitized recording on an optical recording disk. For the purpose of
this patent application, therefore, the word "document" should be
interpreted to include any information placed on any medium
including, but not limited to, magnetic disks, optical disks or
paper.

Another, similar task that has just as colorful a history as document
authentication is the secure communication of information, which
commonly includes the use of encryption/decryption techniques.
Similar to the forger referred to above, there is usually at least
one party that is interested in either stealing the information being
communicated that has been encrypted or supplying false information
in an encrypted format so that the receiver thereof is disinformed,
or both. Hence, throughout history various encryption/decryption
schemes have been developed that, at least for a time, were thought
to be secure only to discover that the security had been compromised.
Again, technological advances have considerably changed the field of
cryptography. For example, with modern computers many cryptographic
techniques can be broken in a relatively short period of time due,
primarily, to the speed that computers perform mathematical
operations.

One presently secure cryptographic technique is generally known as
the public key cryptographic system. One particular form of such a
system is fully described and discussed in the basic article entitled
"A Method For Obtaining Digital Signatures and Public Key
Cryptosystems" by R. L. Rivest, A. Shamir and L. Adleman, Volume 21
#2, February 1978, Communications of ACM pages 120-126. This
particular system is frequently referred to as the RSA public key
cryptosystem.

Public key techniques, as pointed out in the article entitled "Public
Key Cryptography" by John Smith, in the January 1983 edition of Byte
Magazine, pages 189-218, usually include two different kinds of keys:
encryption keys and decryption keys. These keys include the
properties that: a) it is possible to compute a pair of keys
including an encryption key and a decryption key; b) such that, for
each pair, the decryption key is not the same as the encryption key;
and c) it is not feasible to compute the decryption key even from the
knowledge of the encryption key. In addition, in such a cryptosystem,
the encryption and decryption keys are functionally reversible, i.e.
if one key is used to encrypt the other key can be used to decrypt
whatever has been encrypted.

As known, the name "public key" is derived from the fact that each
party's encryption key can be made available, i.e. public, to all
parties subscribing to the particular public key network involved.
Hence, as currently used, public key cryptographic systems are
designed for the direct communication between any two subscribing
parties, each party having an unpublished decryption key and a
published encryption key.

The public key cryptographic system has also found use in providing
accurate identification of the source of a document. As discussed on
pages 217-218 of the Smith article, a sender can effectively sign a
message by first encrypting the message, or an authenticating portion
thereof, such as, for example, the name of the sender, using the
private decryption key of the sender and then encrypting the message
with the public encryption key of the receiving party. This results
in a message portion that only the sender could have created and only
the receiver can read. Hence, two party communication can, so long as
public key cryptographic systems are secure, be implemented in such a
fashion that the authenticity of a document can be ensured.

Nonetheless, there remain many instances where there is a need, or
desire, for a third party to authenticate a document relevant to, or
communicated between, two other parties. One example of such a
situation would exist if a first party were required, or simply
desired, to prove, or demonstrate, the authenticity of a particular
document to a second party. In such a situation, it could be most
beneficial if a third party could provide a means for authenticating
that document. One particular situation that could exist would be
where a dispute over the authenticity of a document arose between two
parties and an impartial third party was selected to resolve the
issue to the satisfaction of both parties. Such a situation might
arise when, in accordance with an agreement between two parties, one
of the parties was to maintain certain records such that the second
party could review those records to ensure compliance with the
agreement. In such a situation it would be most beneficial if a third
party were available to demonstrate the accuracy/inaccuracy of the
records to the auditing second party.

One solution to the problems described above is set forth in U.S.
patent no. 4,853,961; to: Pastor, issued: August 1, 1988; for:
Reliable Document Authentication System. This patent discloses a
system wherein information from a document, preferably postage
information from a mail piece, is encrypted using an encryption key
Ei and incorporated with the document. The corresponding decryption
key Di is encrypted with a second encryption key and also
incorporated with the document. To verify the document as authentic,
a party wishing to verify the document is provided with the
decryption key D1 corresponding to encryption key E1, recovers key Di
and decrypts the encrypted information, and compares it to the
information originally in the document. The Pastor patent
contemplates that all keys are provided by a trusted third party and
thus the verifying party may be assured that the document has not
been changed after the encrypted information was incorporated.

A particular application of this document verification technique is
disclosed in commonly assigned, co-pending U.S. patent application
serial no. 07/979,081; by: Marcus; filed: November 20, 1992; for:
Secure Identification Card and Method and Apparatus For Producing And
Authenticating Same. Marcus discloses a system for producing and
verifying identification cards; that is documents which serve to
prove the identity and status of an associated person or other
entity. In this application the encrypted information from the
identification card would include information describing the person
or other entity to be identified. Particularly, the encrypted
information may include information representative of an image of a
person to be identified. A typical example of such an identification
card would be a driver's license which serves to identify the bearer
and to confirm the bearer's status as a licensed driver.

As is well known, driver's licenses and similar identification cards
are used not only for their intended purpose, but are also frequently
used by third parties to verify the identity, age, etc. of the
bearer. For example, retail establishments frequently wish to verify
a driver's license before cashing a check or selling liquor. The
system disclosed in the Marcus application is particularly adapted to
this, since the keys provided to third parties will not allow the
third party to forge false documents, as would be possible using
single key systems.

While the system disclosed in the Marcus application is believed
highly satisfactory for its intended purpose, it does not contemplate
the problem of a third party who wishes to verify documents from a
number of sources. For example, a bar owner close to a state line may
wish to have the capability to verify driver's licenses from one or
more neighboring states, while a similar bar owner in the middle of
the state may have no need for such capability, while a retailer
located near a popular tourist attraction may have a need to verify
driver's licenses from all over the United States.



Consequently, it would be highly desirable to provide a method and
apparatus for reliably validating documents in general and, in
particular, to reliably validate documents belonging to a plurality
of classes.

The above aim is achieved and the disadvantages of the prior art are
overcome in accordance with the subject invention by means of a
method and apparatus for verifying a document belonging to a
particular, jth class of documents, the jth class being one of a
plurality of classes of documents, each corresponding to a particular
encryption/decryption key pair CE, CD. The document incorporates
encrypted information Ei[M] comprising information derived from the
document and encrypted with an encryption key Ei for an
encryption/decryption key pair Ei, Di, where the key pair Ei, Di can
be varied from document to document and/or from class to class. The
document further includes an encrypted decryption key CEj[Di] formed
by encrypting decryption key Di with encryption key CEj. In
accordance with the method and apparatus of the subject invention
enabling information for enabling retrieval of a decryption key from
any document in a selected group of classes is provided. It is then
determined if the subject document is in the selected group, and if
so the decryption key Di is retrieved from the document. Key Di is
then used to decrypt the encrypted information Ei[M] to obtain
decrypted information Di[Ei[M]] and the information M is derived from
the document. Decrypted information Di[Ei[M]] is then compared with
information M to verify that the information contained in the subject
document is authentic and unchanged.

In accordance with one aspect of the subject invention verifying
apparatus for receiving the enabling information and for decrypting
the encrypted information Ei[M] includes a memory for storing
preselected decryption keys CD, the keys CD being in one-to-one
correspondence with the classes, and the verifying apparatus also
includes an enabling apparatus responsive to the enabling information
to enable the validating apparatus to access selected groups of the
preselected keys. In accordance with this aspect of the subject
invention the enabling information includes information defining a
group of the preselected keys CD corresponding to the selected group
of classes.

In accordance with another aspect of the subject 
invention the verifying apparatus comprises a mem- 
ory for storing a plurality of decryption keys CD and 
the enabling information includes information defin- 
ing a group of the decryption keys CD corresponding 
to the selected group of classes, and the verifying ap-
paratus responds to the enabling information to
store the group of keys CD in the memory.

In accordance with another aspect of the subject invention the
document incorporates a second encrypted decryption key GE[Di]
encrypted with a group encryption key GE for an encryption/decryption
key pair GE, GD. In accordance with this aspect of the subject
invention documents in at least one other class of documents
incorporate a third encrypted decryption key encrypted with group
encryption key GE. Still further in accordance with this aspect of
the subject invention the verifying apparatus includes a memory for
storing a decryption key and the enabling information includes
information defining a corresponding group decryption key GD which
enables decryption of encrypted decryption keys on all documents
comprised in the selected group of classes, and the verifying
apparatus responds to the enabling information to store decryption
key GD in the memory.

In accordance with still another aspect of the sub- 
ject invention, the enabling information is transmitted 
from a data center to the verifying apparatus in en- 
crypted form. 

In accordance with yet another aspect of the sub- 
ject invention, request information is transmitted to 
the data center to request enabling information for a 
selected group of classes, the request information in- 
cluding encrypted information identifying the verify- 
ing apparatus, the data center decrypting the en- 
crypted identifying information and responding to 
transmit the requested enabling information to the 
verifying apparatus. 

Thus, it can be seen that the invention as descri- 
bed and illustrated herein advantageously achieves 
the above object and overcomes the difficulties of the 
prior art by providing a method and apparatus for 
easily verifying groups of classes of documents. 
Other objects and advantages of the subject inven- 
tion will be readily apparent to those skilled in the art 
from consideration of the attached drawings and the 
detailed descriptions set forth below. 

Figure 1 is a schematic block diagram of an ap- 
paratus for producing a document to be verified in ac- 
cordance with the subject invention. 

Figure 2 is a schematic block diagram of an ap- 
paratus for verifying an identification card produced 
in accordance with the subject invention. 

Figures 3 and 4 are schematic representations
showing the data relationships between a document 
and the validating apparatus for various embodi- 
ments of the subject invention. 

Detailed Description Of Preferred Embodiments 
Of The Subject Invention 

Figure 1 shows a schematic block diagram of apparatus 10 for
producing a document, more particularly an identification card C. A
person (or other object or entity) for whom the identification card
is intended is scanned by a conventional video scanner 12 to produce
a first signal representative of that person's image. Preferably, the
first signal is then converted to a digital form by an
analog-to-digital converter 14 for processing in the digital domain.

The first signal is then input to a compression module 16 where it is
compressed to reduce the amount of data which must be stored on
identification card C.

Data compression algorithms, specifically adapted for compression of
video image signals, are known to those skilled in the art.
Preferably, an algorithm known as the JPEG algorithm, which is known
and commercially available, is used in compressor 16. Further
description of the operation of compressor 16 is not believed
necessary to an understanding of the subject invention.

The compressed first signal is then input to an encrypter 20 to be
included in the encrypted second signal which will be incorporated
into identification card C, as will be described further below.
Encrypter 20 encrypts the second signal using an encryption key, Ei,
for a public key encryption system such as the well known RSA system.

The encrypted second signal is then encoded in accordance with some
predetermined format by coder module 22, which controls code
generator 24 to incorporate the encoded encrypted second signal in a
portion of identification card C.

In accordance with a preferred embodiment of the subject invention
the coded signal is coded as a two dimensional barcode, such as the
PDF-417 standard barcode, developed by the Symbol Technology
Corporation of New York. However, the encrypted second signal may be
coded into any suitable format. For example, for a smart card or a
memory card coder 22 and code generator 24 may store the coded second
signal as an appropriately formatted binary data block.

Where the coded second signal is represented as a two dimensional
barcode the barcode will preferably be printed on back CB of
identification card C. The digitized first signal is also input to
printer 20 which may use any appropriate technology for the
production of identification card C to print an image of the person O
on front CF of identification card C. Front CF and back CB are then
combined and laminated using well known technology by laminator 32 to
produce identification card C.

At least a portion of the text message is combined with the
compressed form of the first signal to form the second signal which
is encrypted by encrypter module 20 to provide encrypted information
Ei[M]. Information M is also printed as plain text on the front CF of
card C. Alternatively, text T may be compressed, as for example by
deletion of control characters, which are restored in accordance with
a predetermined format when text T is recovered, before text T is
incorporated into the second signal. Thus, like image I, text T is
embodied in card C in both humanly recognizable form on the front CF
and coded form on the back CB of card C.

In a preferred embodiment of the subject invention a data center 40
transmits encryption code Ei to encrypter module 20. In order to
increase the security of identification card C key Ei may be changed
from time to time. For the highest level of security key Ei may be
changed for each card C produced.

To facilitate decryption of encrypted information Ei[M] data center
40 also transmits an encrypted decryption key X[Di] to be appended to
the encrypted information Ei[M] by coder module 22. Encryption key X
can be either a class encryption key CE for a particular class of
documents produced by apparatus 10, or, in other embodiments of the
subject invention, may be a group encryption key GE for a group of
classes of documents, or in still other embodiments of the subject
invention decryption key Di can be encrypted with both a class
encryption key CE and one or more group encryption keys GE.
Additionally, an unencrypted representation of the particular class
Cj is also appended to the encrypted information Ei[M] by coder
module 22. Thus, as will be seen below, when card C is to be verified
the necessary decryption key Di can be obtained by decrypting
encrypted decryption key X[Di].

Turning now to Figure 2, apparatus 50 for validating an
identification card C is shown. The back CB of card C is scanned by a
barcode scanner 52 having the capability to scan an appropriate two
dimensional barcode. The scanned signal is then decoded by decoder
module 54 and decrypted by decrypter module 58. In a preferred
embodiment of the subject invention decrypter 58 stores decryption
key X, which is used to decrypt encrypted key X[Di] to obtain
decryption key Di, as will be further described below, in key memory
59. Key Di is then used to decrypt the decoded signal scanned from
card back CB.

Key X (or keys) is obtained by decrypter 58 from center 40.
Typically, key X will remain constant during operation of system 50,
as described above, and a direct communication link between system 50
and center 40 is not necessary and key X may be transmitted in any
convenient manner.

The decrypted scan signal is then expanded by an algorithm
complementary to the compression algorithm used in system 10, in a
conventional manner which need not be described further for an
understanding of the subject invention.

The decrypted, expanded signal is then displayed by a conventional
display 62. The display includes a representation RI of image I and
the text message T which was included in the encrypted second signal
scanned from card back CB. To verify the card image I is compared
with its representation RI and the text message T as printed on card
C and as shown on display 62 are compared. It should be noted that
with compression representation RI will be somewhat degraded with
respect to image I. It has been found however that using the above
described JPEG algorithm a sufficiently accurate representation of an
image of a person's face may be coded as approximately 1,000 bytes of
data and printed using the above described PDF-417 two dimensional
barcode in an area of approximately 2.50 by 1.75 inches on the back
of a substantially conventional wallet sized card. Of course, as
described above, with improvements in storage technology and/or the
use of media having a high data storage capacity as embodiments of
identification cards C representation RI can be arbitrarily close to
image I.

Once card C is validated by comparison of image I and text message T
printed on card front CF with representation RI and the text message
T as shown on display 62 then the identity of the person O carrying
card C may be confirmed by comparison of person O with image I. Text
message T will then confirm the identity of person O and may also
confirm the status or characteristics of person O.

Turning to figure 3, the data relationships between keys stored in
key memory 59 and the coded information on card back CB for a
preferred embodiment of the subject invention are shown. Memory 59
includes storage location 59-0 which comprises class enable flags
1-N. Additionally, memory 59 includes storage locations 59-1 through
59-N which initially store predetermined class decryption keys CD1
through CDN. To enable a selected group of classes apparatus 50
receives enabling information from data center 40. In accordance with
this embodiment of the subject invention the enabling information
comprises a code word which is written into location 59-0. Asserted
bits of the code word enable the corresponding class decryption keys.
That is, if the jth bit of the code word is asserted class decryption
key CDj is enabled.

To validate a document apparatus 50 scans the information from card
back CB as described above. From the unencrypted class identification
Cj apparatus 50 determines that card C is in the particular class Cj;
apparatus 50 then tests the jth bit of storage location 59-0 and if
the bit is asserted decrypts the encrypted decryption key CEj[Di]
with the corresponding, enabled class decryption key CDj, decrypts
the encrypted information Ei[M] and validates the card as described
above.

Typically, apparatus 50 will be primarily intended to validate
particular class Cj and the jth bit of location 59-0 will initially
be asserted. For example, if apparatus 50 is located in a particular
state and card C is a driver's license then class Cj will be driver's
licenses issued by that state and the jth bit will be initially
asserted in location 59-0.

At a later time the user of apparatus 50 may wish to add additional
classes of documents which can be verified. For example, the user may
wish to verify driver's licenses from neighboring states. To do this
the user requests enabling information from data center 40. In
response to this request data center 40 transmits a new code word
wherein bits corresponding to the class decryption keys for the
neighboring states are asserted.

In accordance with a preferred embodiment of the subject invention
this enabling information may be encrypted, either with class
encryption key CE, or with any other convenient key, and decrypted by
apparatus 50 prior to storing the code word in location 59-0.

More particularly, enabling information may be transmitted to
apparatus 50 in substantially the same manner as information for
recharging of a postage meter is transmitted, as is described in U.S.
patent no. 4,097,923 to: Eckert Jr. et al.; issued: June 27, 1978,
which is hereby incorporated by reference. In this embodiment of the
subject invention apparatus 50 would transmit an identification code
as well as encrypted information which would include a request for
enabling information to enable a selected group and a secure serial
number not accessible to users of apparatus 50. The encrypted
information can be encrypted with class decryption key CDj or any
other convenient key. Upon receipt of this request data center 40
identifies the appropriate key to decrypt the encrypted information
with encryption key CEj or other appropriate corresponding key.

Data center 40 then generates appropriate enabling information, i.e.
a code word having the bits corresponding to the requested classes
asserted, and encrypts it with class encryption key CEj or other
convenient key and transmits the encrypted enabling information to
apparatus 50 for decryption and storage in location 59-0.
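
The Figure 3 embodiment described above (class identification Cj, code word in location 59-0, class keys CD1 through CDN, encrypted enabling information) can be traced in code. The following is an added illustration, not part of the patent text: it uses unpadded textbook RSA over small constructed primes, takes M to be a truncated digest of the card's text and image, packs Di into one integer, and assumes bit j-1 of the code word stands for class j; all function and field names are hypothetical.

```python
import hashlib
from math import gcd

# Constructed toy primes (Mersenne primes). Real keys are random and much
# larger, and real systems use a padded signature scheme, not raw RSA.
CLASS_PRIMES = {1: (2**89 - 1, 2**107 - 1),
                2: (2**127 - 1, 2**521 - 1),
                3: (2**607 - 1, 2**1279 - 1)}
DOC_PRIMES = (2**31 - 1, 2**61 - 1)   # one fixed Ei/Di pair for every card
N_CLASSES = len(CLASS_PRIMES)

def keypair(p, q):
    """Return (encryption key, decryption key), each as (exponent, modulus)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = 65537
    while gcd(d, phi) != 1:
        d += 2
    return (pow(d, -1, phi), n), (d, n)

def rsa(key, value):
    """Textbook RSA: the same modular power encrypts and decrypts."""
    exponent, modulus = key
    return pow(value, exponent, modulus)

def derive_m(text, image):
    """M as an 80-bit digest of the card's readable text and image (assumption)."""
    digest = hashlib.sha256(len(text).to_bytes(4, "big") + text + image).digest()
    return int.from_bytes(digest[:10], "big")

# Data center 40 side: only it holds the class encryption keys CEj.
CE, CD = {}, {}
for j, primes in CLASS_PRIMES.items():
    CE[j], CD[j] = keypair(*primes)

def issue_card(j, text, image):
    """Build the data coded on card back CB: Cj, Ei[M] and CEj[Di]."""
    e_i, d_i = keypair(*DOC_PRIMES)
    packed_d_i = (d_i[1] << 32) | d_i[0]   # modulus and exponent as one integer
    return {"class_id": j, "text": text, "image": image,
            "enc_info": rsa(e_i, derive_m(text, image)),
            "wrapped_key": rsa(CE[j], packed_d_i)}

def enabling_info(classes, home_class):
    """Code word with bit j-1 asserted per class j, encrypted with CEj."""
    word = 0
    for j in classes:
        word |= 1 << (j - 1)
    return rsa(CE[home_class], word)

class Verifier:
    """Apparatus 50 with key memory 59 (Figure 3 embodiment)."""

    def __init__(self, home_class):
        self.home_class = home_class
        self.keys = dict(CD)                    # locations 59-1 .. 59-N
        self.code_word = 1 << (home_class - 1)  # location 59-0

    def load_enabling(self, encrypted_word):
        word = rsa(self.keys[self.home_class], encrypted_word)
        if word >> N_CLASSES:   # added sanity check: no bits beyond class N
            return False
        self.code_word = word
        return True

    def verify(self, card):
        j = card["class_id"]
        if j not in self.keys or not (self.code_word >> (j - 1)) & 1:
            return "class not enabled"
        packed = rsa(self.keys[j], card["wrapped_key"])   # recover Di
        d_i = (packed & 0xFFFFFFFF, packed >> 32)
        if d_i[1] < 2:
            return "altered"
        recovered = rsa(d_i, card["enc_info"])            # Di[Ei[M]]
        if recovered == derive_m(card["text"], card["image"]):
            return "valid"
        return "altered"
```

The verifier never holds CEj or Ei, so it can check cards but cannot produce one that verifies; a card whose class bit is not asserted is rejected before any key is touched.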

As noted above decryption keys used by apparatus 50 will not normally
be changed during normal operations and accordingly data transmission
between apparatus 50 and the data center may take place in any
convenient manner including, but not limited to: communications over
a data communications link, physical transmission of installable data
storage devices such as floppy disks or programmable read only memory
chips, or transmission between human operators for manual data input.

In an alternative embodiment, similar to that discussed above, the
enabling information may comprise class decryption keys comprised in
a selected group and the remaining locations in memory 59 will
contain null information. In this embodiment class enabling flags
59-0 are unnecessary since attempted decryption with null information
will produce meaningless results.

In still another alternative embodiment where it is desired to allow
verifying apparatus to verify later added classes without
communicating with a data center, memory 59 stores all present and
possible future class decryption keys CD which are all permanently
enabled.

Figure 4 shows the data relationship for another embodiment of the
subject invention wherein memory 59 includes only a single storage
location having two portions, a group decryption key GDk portion 59K
and a group definition portion 59-h. Card back CB includes a class
identification Cj, an encrypted decryption key CEj[Di], and encrypted
information Ei[M], all as described above. Additionally, card back CB
includes an encrypted decryption key GEk[Di] encrypted with a group
encryption key GEk which is used for at least one other class of
documents. That is, there is at least 1 class Ck of documents wherein
a decryption key D'i is encrypted with group encryption key GEk. To
validate the information apparatus 50 reads the class identification
Cj and tests it against the group K definition 59-h to determine if
the group decryption key GDk can be used to decrypt decryption key Di
for documents in class Cj; apparatus 50 then decrypts encrypted
decryption key GEk[Di] to recover decryption key Di and validates
card C as described above.

It will be apparent that cards in class Cj may belong to more than
one group of classes, in which case card back CB will include
appropriate corresponding encrypted decryption keys encrypted with
appropriate group encryption keys. In this case the encrypted
decryption keys GE[Di] will include a tag T so that the appropriate
encrypted decryption key can be quickly identified without the need
for trial and error decryption of all keys.

In this embodiment of the subject invention enabling information to
change the group of classes which apparatus 50 can validate would
include the appropriate group decryption key and the appropriate
header identifying the classes which can be validated.

The preferred embodiments described above have been given by way of
example only, and other embodiments of the subject invention will be
apparent to those skilled in the art from consideration of the
detailed descriptions set forth above and the attached drawings.
Accordingly, limitations in the subject invention are to be found
only in the claims set forth below.

Particularly, the subject invention is not limited to identification
cards but is applicable to any document including image data, text,
or combinations thereof or any other convenient form of information
for which the need exists for validation that the information is
authentic and unchanged.

While the preferred embodiment identifies the class of a document by
identification information Cj it is also within the contemplation
that the class may be determined by attempting to decrypt the
document with all available decryption keys and testing the results
for a meaningful message.

Claims

1. A method for verifying a document belonging to a jth class of
documents, said jth class being one of a plurality of classes of
documents, each of said classes corresponding to a class
encryption/decryption key pair CE, CD, said document incorporating
encrypted information Ei[M] comprising information M derived from
said document and encrypted with an encryption key Ei for an
encryption/decryption key pair Ei, Di, and said document further
incorporating an encrypted decryption key CEj[Di] comprising
decryption key Di for said key pair Ei, Di encrypted with encryption
key CEj for encryption/decryption key pair CE, CD associated with
said jth class, said method comprising the steps of:

a) providing enabling information for enabling retrieval of a
decryption key from any document in a selected group of said classes;

b) determining if said document is in said selected group, and if so
retrieving said decryption key Di from said document;

c) decrypting said encrypted information Ei[M] to obtain decrypted
information Di[Ei[M]] and deriving said information M from said
document; and

d) comparing said decrypted encrypted information Di[Ei[M]] with said
information M to verify the information contained in said document as
authentic and unchanged.

2. A method as described in claim 1 further comprising the step of:

a) providing verifying means for receiving said enabling information and for
decrypting said encrypted information Ei[M], said verifying means further
comprising memory means for storing preselected decryption keys CD, said
preselected keys CD being in one-to-one correspondence with said classes, and
still further comprising means responsive to said enabling information for
enabling said verifying means to access selected groups of said preselected
keys; and wherein,

b) said enabling information comprises information defining a group of said
preselected keys CD corresponding to said selected groups of classes.

3. A method as described in claim 2 wherein said enabling information comprises
a code word, the bits being in one-to-one correspondence with said preselected
keys CD, said verifying means storing said code word and said enabling means
responding to said code word to enable access to one of said preselected keys
if and only if a corresponding bit of said code word is asserted.



4. A method as described in claim 3 wherein said code word is encrypted, said
verifying means decrypting said code word prior to storing said code word.

5. A method as described in claim 4 wherein said verifying means initially
stores a first code word code having an asserted bit corresponding to one of
said preselected keys CDj, said preselected key CDj corresponding to said jth
class; and wherein subsequent values for said code word are encrypted with said
key CEj.

6. A method as described in claim 2 comprising the further step of:

a) transmitting request information to a data center, said request information
including encrypted information identifying said verifying means and a request
for enabling information defining said group of said preselected keys CD
corresponding to said selected group of classes; wherein said data center
decrypts said encrypted identifying information and responds to send said
requested enabling information to said verifying means.

7. A method as described in claim 1 further comprising the steps of:

a) providing verifying means for receiving said enabling information and for
decrypting said encrypted information Ei[M], said verifying means further
comprising memory means for storing a plurality of decryption keys CD; and
wherein,

b) said enabling information comprises information defining a group of said
decryption keys CD corresponding to said selected group of classes; and

c) said verifying means further comprises means responsive to said enabling
information for storing said group of decryption keys in said memory means.

8. A method as described in claim 7 wherein said verifying means initially
stores at least decryption key CDj for said jth class and subsequent values for
said enabling information are encrypted with said corresponding key CEj.

9. A method as described in claim 7 comprising the further step of:

a) transmitting request information to a data center, said request information
including encrypted information identifying said verifying means and a request
for enabling information defining said group of said decryption keys
corresponding to said selected group of classes; wherein said data center
decrypts said encrypted identifying information and responds to send said
requested enabling information to said verifying means.

10. A method as described in claim 1 wherein said document further incorporates
a second encrypted decryption key GE[Di] encrypted with a group encryption key
GE for an encryption/decryption key pair GE,GD, and wherein documents in at
least a kth class incorporate a third encrypted decryption key GE[D'd, and
further comprising the step of:

a) providing verifying means for receiving said enabling information and for
decrypting said encrypted information Ei[M], said verifying means further
comprising memory means for storing a decryption key; and wherein,

b) said enabling information comprises information defining a group decryption
key GD for said key pair GE,GD, said decryption key GD enabling decryption of
encrypted decryption keys on all documents comprised in said selected group;
and

c) said verifying means further comprises means responsive to said enabling
information for storing said decryption key GD in said memory means.






11. A method as described in claim 10 wherein said enabling information
comprises said group decryption key GD in encrypted form.

12. A method as described in claim 11 wherein said verifying means initially
stores said class decryption key CDj and said enabling information further
comprises an encrypted group decryption key CEj[GD] encrypted with said
corresponding encryption key CEj.

13. A method as described in claim 10 comprising the further step of:

a) transmitting request information to a data center, said request information
including encrypted information identifying said verifying means and a request
for enabling information defining said group decryption key GD; wherein said
data center decrypts said encrypted identifying information and responds to
transmit said requested enabling information to said verifying means.

14. A method for verifying a document belonging to a jth class of documents,
said jth class of documents corresponding to an encryption/decryption key pair
CEj,CDj, said document incorporating encrypted information Ei[M] comprising
information M derived from said document and encrypted with an encryption key
Ei for an encryption/decryption key pair Ei,Di, an encrypted decryption key
CEj[Di] comprising decryption key Di encrypted with encryption key CEj for key
pair CEj,CDj and class information identifying said document as belonging to
said jth class, said method comprising the steps of:

a) providing validating means for decrypting said encrypted information Ei[M],
said validating means comprising memory means for storing a sequence of
preselected decryption keys CD1, CD2, ... CDn wherein the jth key in said
sequence CDj is the decryption key for said key pair CEj,CDj and means
responsive to said class information for retrieving keys from said memory
means;

b) inputting said class information from said document to said validating
means;

c) said validating means retrieving said jth key in said sequence CDj from said
memory means;

d) said validating means then decrypting said encrypted decryption key CEj[Di]
to obtain said decryption key Di, and then decrypting said encrypted
information Ei[M] to obtain decrypted information Di[Ei[M]];

e) deriving said information M from said document; and,

f) comparing said decrypted information Di[Ei[M]] from said verifying means
with said information M to verify the information contained in said document as
authentic and unchanged.

15. An apparatus for verifying a document belonging to a jth class of
documents, said jth class being one of a plurality of classes of documents,
each of said classes corresponding to a class encryption/decryption key pair
CE,CD, said document incorporating encrypted information Ei[M] comprising
information M derived from said document and encrypted with an encryption key
Ei for an encryption/decryption key pair Ei,Di, and said document further
incorporating encrypted decryption key CEj[Di] comprising decryption key Di for
said key pair Ei,Di encrypted with encryption key CEj for class
encryption/decryption key pair CEj,CDj associated with said jth class,
comprising:

a) means for scanning said document to input scanned information, said scanned
information including said encrypted information Ei[M], said encrypted
decryption key CEj[Di], and information identifying said jth class Cj;

b) means responsive to enabling information for enabling retrieval of a
decryption key from any document in a selected group of said classes of
documents and responsive to said identifying information to determine if said
document is in said selected group, and if so retrieving said decryption key Di
from said scanned information;

c) means for decrypting said encrypted information Ei[M] from said scanned
information to obtain decrypted encrypted information Di[Ei[M]]; and

d) means for comparing said decrypted encrypted information Di[Ei[M]] with said
information M to verify the information contained in said document as authentic
and unchanged.

16. An apparatus as described in claim 15 wherein said enabling means further
comprises memory means for storing preselected keys CD, said preselected keys
CD being in one-to-one correspondence with said classes, and wherein said
enabling means responds to said enabling information to enable access to a
group of said preselected keys CD, said group of keys corresponding to said
group of classes.

17. An apparatus as described in claim 16 wherein said enabling information
comprises a code word, and said enabling means further comprises a storage
location for storing said code word, bits of said code word being in one-to-one
correspondence with said preselected keys, said apparatus further comprising
means for storing said code word in said storage location upon receipt of said
enabling information and said enabling means responding to asserted bits of
said stored code word to enable access to corresponding ones of said keys CD.

18. An apparatus as described in claim 17 wherein said code word is encrypted,
said decrypting means being further for decrypting said code word prior to
storing said code word.

19. An apparatus as described in claim 16 further comprising:

a) means for transmitting request information to a data center, said request
information including encrypted information identifying said apparatus and a
request for enabling information defining said group of said preselected keys
CD corresponding to said group of classes, wherein said data center decrypts
said encrypted identifying information and responds to send said requested
enabling information to said apparatus.

20. An apparatus as described in claim 15 wherein said enabling means further
comprises a memory means for storing a plurality of said preselected keys CD,
and wherein said enabling information comprises information defining a group of
said decryption keys CD corresponding to said selected group of classes; said
apparatus further comprising means responsive to said enabling information for
storing said group of decrypting keys in said memory means.

21. An apparatus as described in claim 20 wherein said apparatus initially
stores at least a decryption key CDj for said jth class and subsequent values
for said enabling information are encrypted with said corresponding key CEj.

22. An apparatus as described in claim 20 further comprising:

a) means for transmitting request information to a data center, said request
information including encrypted information identifying said apparatus and a
request for enabling information defining said group of said preselected keys
CD corresponding to said group of classes, wherein said data center decrypts
said encrypted identifying information and responds to send said requested
enabling information to said apparatus.

23. An apparatus as described in claim 15 wherein said document further
incorporates a second encrypted decryption key GE[Di] encrypted with a group
encryption key GE for an encryption/decryption key pair GE,GD, and wherein
documents in at least a kth class incorporate a third encrypted decryption key
GE[Dj*]; and said enabling means further comprises memory means for storing a
decryption key GD for said encryption/decryption key pair GE,GD, said
decryption key GD enabling decryption of encrypted decryption keys on all
documents comprised in said selected group; said apparatus further comprising
means responsive to said enabling information for storing said decryption key
GD in said memory means.

24. An apparatus as described in claim 23 wherein said enabling information
comprises said group decryption key GD in encrypted form and said decrypting
means is further for decrypting said encryption of decryption key GD prior to
storing said decryption key GD in said memory means.

25. An apparatus as described in claim 24 wherein said apparatus initially
stores said class decryption key CDj and said enabling information comprises
encrypted decryption key CEj[GD] encrypted with said corresponding encryption
key CEj.

26. An apparatus as described in claim 23 further comprising:

a) means for transmitting request information to a data center, said request
information including encrypted information identifying said apparatus and a
request for enabling information defining said group decryption key GD; wherein
said data center decrypts said encrypted identifying information and responds
to transmit said request enabling information to said apparatus.



27. An apparatus for validating a document belonging to a jth class of
documents, said jth class of documents corresponding to an
encryption/decryption key pair CEj,CDj, said document incorporating encrypted
information Ei[M] comprising information M derived from said document and
encrypted with an encryption key Ei for an encryption/decryption key pair
Ei,Di, and encrypted decryption key CEj[Di] comprising decryption key Di
encrypted with encryption key CEj for key pair CEj,CDj, and class information
identifying said document as belonging to said jth class, said apparatus
comprising:

a) means for scanning said document to input scanned information, said scanned
information including said encrypted information Ei[M], said encrypted
decryption key CEj[Di], and information identifying said jth class Cj;

b) memory means for storing a sequence of preselected decryption keys CD1, CD2,
... CDn wherein the jth key in said sequence CDj is the decryption key for said
key pair CEj,CDj;

c) means responsive to said class identifying information for retrieving said
jth key CDj from said memory means;

d) means responsive to said jth key CDj for decrypting said encrypted
decryption key CEj[Di] and then decrypting said encrypted information Ei[M] to
obtain decrypted information Di[Ei[M]]; and

e) means for comparing said decrypted encrypted information Di[Ei[M]] with said
information M to validate said document as authentic and unchanged.
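
The flow of claims 1 to 3 and 14, as an added Python example that is not part of the patent text: the verifier holds the class keys CD1..CDn, uses CDj only if the matching code-word bit is asserted, recovers Di from CEj[Di], and compares Di[Ei[M]] with M derived from the document. Textbook RSA over small Mersenne primes, SHA-256 for deriving M, the field names and the sample card are assumptions chosen for illustration.

```python
import hashlib

# Toy textbook RSA over Mersenne primes: unpadded and far too small for real use.
def keypair(p, q, e=65537):
    """Return (E, D): E stays with the party that encrypts, D is handed out."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (pow(e, -1, phi), n), (e, n)

def apply_key(key, value):
    return pow(value, key[0], key[1])   # key = (exponent, modulus)

def derive_m(text, image, modulus):
    """Information M derived from the document, reduced to fit the modulus."""
    digest = hashlib.sha256(text + b"\x00" + image).digest()
    return int.from_bytes(digest, "big") % modulus

def issue(text, image, j, E_i, D_i, CE_j):
    """Build a class-j document carrying Ei[M], CEj[Di] and class information Cj."""
    return {"text": text, "image": image, "class": j,
            "Ei_M": apply_key(E_i, derive_m(text, image, E_i[1])),
            "CEj_Di": tuple(apply_key(CE_j, part) for part in D_i)}

class Verifier:
    def __init__(self, class_keys, code_word=0):
        self.class_keys = class_keys   # preselected keys CD1..CDn, in order
        self.code_word = code_word     # bit j-1 asserted <=> CDj may be used

    def verify(self, doc):
        j = doc["class"]
        if not 1 <= j <= len(self.class_keys) or not (self.code_word >> (j - 1)) & 1:
            return "class not enabled"
        CD_j = self.class_keys[j - 1]
        D_i = tuple(apply_key(CD_j, part) for part in doc["CEj_Di"])
        if D_i[1] < 2:                 # unusable modulus recovered from CEj[Di]
            return "altered"
        recovered = apply_key(D_i, doc["Ei_M"])                  # Di[Ei[M]]
        expected = derive_m(doc["text"], doc["image"], D_i[1])   # M from document
        return "authentic" if recovered == expected else "altered"

# Constructed sample data: two classes, one issuer key pair, one class-1 card.
CE1, CD1 = keypair(2**31 - 1, 2**61 - 1)
CE2, CD2 = keypair(2**89 - 1, 2**107 - 1)
E_i, D_i = keypair(2**17 - 1, 2**19 - 1)
card = issue(b"NAME: J. DOE", b"<image bytes>", 1, E_i, D_i, CE1)

def demo():
    verifier = Verifier([CD1, CD2], code_word=0b10)   # only class 2 enabled
    locked = verifier.verify(card)
    verifier.code_word = 0b11                         # new enabling information
    ok = verifier.verify(card)
    forged = verifier.verify(dict(card, text=b"NAME: M. ROE"))
    return locked, ok, forged

print(demo())
```

Both parts of Di (exponent and modulus) are placed under CEj here, because a modulus carried in the clear could be substituted by whoever alters the document.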